Apps without privacy issues: Creating a blockchain wellness app on the cloud

Are you heading to DockerCon next week? We are and we’re bringing back our popular blockchain on Kubernetes app, Kubecoin. Hopefully we see you there, but in the meantime I thought I’d explain why we made Kubecoin in the first place.

Excitement about blockchain has been growing in banks, legal firms, and beyond in the past few years. References to it seem to appear everywhere these days and yet there’s still confusion about it. To clarify, blockchain is the technology behind Bitcoin, which uses distributed computing to authenticate transactions.

As a designer and developer who has lived through many tech hype cycles (like now with blockchain), my approach to learning about new technology is not just to trust articles about it, but to design and build with it.

Earlier this year, my IBM Cloud Patterns content team collaborated on a side project with our sister Emerging Technology Patterns team to create a blockchain concept app. We wanted to invite others to try it out, document how we built it, and talk about what we’ve learned from it.

The blockchain revolution

I didn’t really know a lot about blockchain at first, so I read the book “Blockchain Revolution,” which offers an interesting angle on how blockchain technology could ‘revolutionize’ software solutions socially by empowering the participants of services with more control over their own data.

One of the introductory paragraphs in the book describes a blockchain as a ‘peer-to-peer exchange of value,’ and I really liked the simplicity of that description. The emphasis is on value and not on money. Blockchain offers a way of thinking about the value of our own data, and what we’re willing to exchange that for.

In today’s model, we exchange the value of our data for free Internet search, social networking, and more. Yet there still seems to be an imbalance with that, because big corporations are becoming disproportionately wealthy and powerful by leveraging our data. We’re even hearing stories of our data being exploited for political gain.

Depending on implementation choices, blockchain provides fresh approaches to honest, considerate, accountable, and transparent services. When I finished reading “Blockchain Revolution,” I set up a Google alert about blockchain. Now I get news alerts everyday on how some government, community, or corporations are experimenting in new ways with it.

I’m not going to write a lot about how blockchain achieves that in this blog post, because I want to focus on our app concept. But it is an important thing to note and I encourage everyone to read more about blockchain on Wikipedia. I also valued explanations from Anders Brownworth and his neat interactive demo, which inspired some of the visualization on our Kubecoin leaderboard above.

An accountable wellness app

Insurance companies, employers, and even governments have always been interested in keeping us healthy. But in recent years, they introduced incentives and wearable apps to encourage us to participate in health programs.

As an example, where I live in Ottawa, we had a bike-to-work month. Funded by the municipality, we could claim prizes based on how much we cycled to work during that month. More widely in Canada, there is a wellness app that is collaboratively funded by some provincial governments and the federal government called Carrot Rewards.

As a self-proclaimed health conscious geek, I really like the approach of Carrot Rewards. It is used to both educate me and reward my activity with air miles.

Though these initiatives are positive, there is an underlying concern that insurance companies, employers, and governments can access very personal information. There’s worry, if not a genuine possibility, that it may later influence a participant’s relationship with them.

Thus the inspiration for creating a wellness concept app that is considerate, accountable, and private is possible by using blockchain.

Our wellness app, Kubecoin, works to respect the data of the participant.

Kubecoin

Initially, the motivation for Kubecoin was to create an online simulation of a person’s footsteps converting into a ‘cryptocurrency’ called kubecoins (because we are showcasing blockchain on Kubernetes).

However, a neat opportunity to experiment in real life became apparent by inviting conference attendees to try out a mobile app—essentially putting a blockchain in their hands.

The idea is that attendees walk around the conference and convert their footsteps into ‘kubecoins,’ which could later be traded for conference swag. 100 footsteps = 1 kubecoin and even the conference swag is inventory that is controlled on a blockchain.

Good blockchains restrict the opportunity for human interference. Kubecoin takes fitness data directly from the phone health kit and places transactions on the ‘Kubechain.’ The app works anonymously, it assigns a made-up identity to you, along with a randomly generated avatar. Your data can’t be traced to you, but you’ll be able to see where your assigned avatar ranks on our leaderboard.

We ran an initial version of the app as part of ‘The Secret Map’ at IBM’s Think conference, where almost 200 participants tried it out. We also released a subsequent version at KubeCon where another 100 people tried the app.

Kubecoin was, without a doubt, highly popular. In fact, it was so popular that several organizations asked us about reusing our open source code to experiment with internal and external versions of it for themselves.

Cloud technology

Kubecoin runs on IBM Cloud. It is mostly deployed on the IBM Cloud Kubernetes Service following an IBM Code pattern, although it benefits a little from IBM Cloud Functions, too. The dashboard is a simple Node.js app, which we quickly deployed as a Cloud Foundry app for convenience.

High-level deployment architecture of Kubecoin

Kubecoin not only works in open source, but allows participants to immerse in the technology and feel how quickly and reliably IBM Cloud delivers the experience. They can study it on their own screen, in their own time and point out problems to us if they exist.

In our current state of affairs, development teams just need to become familiar with blockchain. We set out to explain how effortless it can be to incorporate blockchain into your code with our Code Patterns—they’re a great approach for developers who want to experiment with the tech in a contained way.

Android or iOS?

Whether you choose Android or iOS, we have both! Here is the iPhone App code, both of which are coded in open source. The Android repo has a more detailed architecture diagram that you can read about, plus you can see how we’re building with other services like Redis, MongoDB, and RabbitMQ.

Tenets of cloud development

When we first suggested the idea of running Kubecoin at KubeCon, the feedback we received was that it needed to demonstrate five tenets of cloud development that the IBM Cloud team cares about. So we added a booklet to link to IBM Code Patterns, blog posts, and repos that showcased these considerations in the context of Kubecoin.

Kubecoin showing 5 tenets of cloud development

Kubecoin itself is very Cloud Native. It is secure in that it uses blockchain, it is modern and extensible (we have some machine learning additions coming later this year). You can see from the diagram above how it is broken into microservices, and we used continuous integration and frequent deployment and testing to make this run with zero crashes at two events—all done fluidly despite the accelerated development across five developers and three separate labs.

Design notes

Some notes about the visual design influences. After trying a few ideas, I came across a photo of a palette that I liked and picked out some colors from Pantone that aligned with my vision.

I wanted colors that were fresh, healthy, yet still restrained. I favor lots of whitespace in my apps, and work hard to simplify user flows. This quote exemplifies what I envisioned:

“A designer knows he has achieved perfection not when there is nothing left to add, but when there is nothing left to take away.”
— Antoine de Saint-Exupery

For the client, the app is simple … they walk, their steps are recorded. But behind the scenes is a sophisticated, state of the art blockchain network, protecting, accurately recording, and converting their personal data.

I tried to make the logo image look like an actual coin, but also contain the Kubernetes logo. The Kubecon conference was held in Denmark, where the beautiful Kroner coins ( with the hole in the middle and hearts at the side ) have inspired a new iteration of the logo, that you can see above.

I created a random Avatar generator called ‘minifig’ that draws simple avatars, generated with colors from the same above palette to keep a consistent feel to the app and the dashboard.

The future

We do want to push a little more with Kubecoin. We’re taking it to DockerCon next week with a couple of minor enhancements (you’ll have to wait and see!). But we’re also going to keep sharing it at a couple more conferences before the year is out with more enhancements, so stay tuned. My hope for Kubecoin’s future is to launch it at an even bigger scale and with a machine learning component.

Machine learning means that Kubecoin will make constant predictions based on the speed and distance people walk, to determine the value of the swag they exchange their kubecoins for. I have some design ideas forming around how we can make that interesting for participants.

Kubecoin is just one sample app that our team made. We have many ideas in development, such as an app that I designed called WatsonML (available on iTunes here), which uses Apple and IBM’s Core ML. And our Cloud Pattern team is constantly creating new patterns and workshop materials for you guys. In the meantime, I hope our experiment has opened up some ideas for you, too.

Really liked this case study! How are user identities handled and used in this example? Is each user thought of as a participant in the blockchain and assigned their own certificate? Would for example a request to transfer or spend Kubecoins just be verified through the session with the the app servers and then executed using the app server’s certificate, or is there some other security measurements in place?